Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

need to add an option to avoid scan the Internet ips #2940

Closed
1 of 8 tasks
jhd2best opened this issue May 7, 2020 · 11 comments
Closed
1 of 8 tasks

need to add an option to avoid scan the Internet ips #2940

jhd2best opened this issue May 7, 2020 · 11 comments
Assignees
@rlan35 @LeoHChen @jz0000
Labels
bug Something isn't working

Comments

@jhd2best
Copy link
Contributor

jhd2best commented May 7, 2020

Problem/limitation At Hand

We've got a message from our FN partner, that he was received a warning from the IDC operator as follows:

We have indications that there was an attack from your server.
Please take all necessary measures to avoid this in the future and to solve the issue.

Netscan detected from host xxx.xxx.xxx.xxx

time protocol src_ip src_port dest_ip dest_port

Sun May 3 23:11:53 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.0.0.5 9000
Sun May 3 23:11:56 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.0.0.5 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.0.0.49 9000
Sun May 3 23:11:27 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.0.2.15 9000
Sun May 3 23:11:30 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.0.2.15 9000
Sun May 3 23:11:51 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.10.0.6 9000
Sun May 3 23:11:44 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.10.0.7 9000
Sun May 3 23:12:37 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.10.0.7 9000
Sun May 3 23:11:35 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.10.0.8 9000
Sun May 3 23:11:35 2020 TCP xxx.xxx.xxx.xxx 43932 => 10.10.0.8 9000
Sun May 3 23:11:40 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.46.0.6 9000
Sun May 3 23:11:30 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.128.0.2 9000
Sun May 3 23:11:41 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.140.0.8 9000
Sun May 3 23:11:42 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.140.0.8 9000
Sun May 3 23:11:29 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.142.0.6 9000
Sun May 3 23:11:50 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.146.0.10 9000
Sun May 3 23:11:38 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.148.0.14 9000
Sun May 3 23:11:51 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.154.0.7 9000
Sun May 3 23:11:29 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.154.0.10 9000
Sun May 3 23:11:27 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.154.0.11 9000
Sun May 3 23:11:54 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.0.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.0.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.0.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.2.1 9000
Sun May 3 23:11:52 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.2.1 9000
Sun May 3 23:11:54 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.3.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.3.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.3.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.5.1 9000
Sun May 3 23:11:56 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.5.1 9000
Sun May 3 23:11:58 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.5.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.6.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.6.1 9000
Sun May 3 23:11:59 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.7.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.8.1 9000
Sun May 3 23:11:50 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.8.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.9.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.9.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.10.1 9000
Sun May 3 23:11:50 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.10.1 9000
Sun May 3 23:11:52 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.10.1 9000
Sun May 3 23:12:00 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.11.1 9000
Sun May 3 23:12:03 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.11.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.12.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.12.1 9000
Sun May 3 23:12:00 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.13.1 9000
Sun May 3 23:12:03 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.13.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.15.1 9000
Sun May 3 23:11:52 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.15.1 9000
Sun May 3 23:11:54 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.16.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.16.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.16.1 9000
Sun May 3 23:12:00 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.17.1 9000
Sun May 3 23:12:03 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.17.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.18.1 9000
Sun May 3 23:11:52 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.18.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.19.1 9000
Sun May 3 23:12:05 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.20.1 9000
Sun May 3 23:12:07 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.20.1 9000
Sun May 3 23:12:04 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.21.1 9000
Sun May 3 23:12:03 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.22.1 9000
Sun May 3 23:12:00 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.23.1 9000
Sun May 3 23:12:03 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.23.1 9000
Sun May 3 23:11:54 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.24.1 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.24.1 9000
Sun May 3 23:11:57 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.24.1 9000
Sun May 3 23:11:49 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.25.1 9000
Sun May 3 23:11:52 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.182.25.1 9000
Sun May 3 23:12:35 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.2.199 9000
Sun May 3 23:11:45 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.2.202 9000
Sun May 3 23:11:47 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.2.202 9000
Sun May 3 23:11:27 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.2.204 9000
Sun May 3 23:11:30 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.2.204 9000
Sun May 3 23:11:29 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.3.255 9000
Sun May 3 23:11:52 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.147 9000
Sun May 3 23:11:53 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.147 9000
Sun May 3 23:11:55 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.147 9000
Sun May 3 23:11:44 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.163 9000
Sun May 3 23:11:45 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.163 9000
Sun May 3 23:11:47 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.163 9000
Sun May 3 23:12:37 2020 TCP xxx.xxx.xxx.xxx 9000 => 10.244.5.164 9000

Which component?

  • consensus
  • deploy script
  • wallet
  • explorer
  • node script
  • test automation
  • demo app
  • others ...

Proposed Solution

need to add an option like --no-private-ipv4 to avoid scan the Internet ips

Additional Context

can refer to the PR from polkadot
@jhd2best jhd2best added the enhancement New feature or request label May 7, 2020
@sophoah
Copy link
Contributor

sophoah commented May 7, 2020

@LeoHChen @jz0000 we have to carefully test that as it may conflict with #2865.

@jz0000
Copy link

jz0000 commented May 9, 2020

@sophoah @jhd2best it would be better to have a clear conversation to understand better customers' situation, before we decide on solution.

@mindstyle85
Copy link

this one should get implemented in my opinion, since i am getting abuse messages from my service provider, just like that message above in OP

@mindstyle85 mindstyle85 mentioned this issue May 10, 2020
Closed
@LeoHChen LeoHChen added the bug Something isn't working label May 16, 2020
@mindstyle85
Copy link

##########################################################################

Netscan detected from host XXXXX

##########################################################################

time protocol src_ip src_port dest_ip dest_port

Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 10.0.0.2 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.0.0.2 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 10.0.0.5 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 10.0.9.208 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 10.0.12.169 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 10.0.13.250 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 10.3.13.12 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 10.6.3.251 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 10.6.3.251 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 10.6.3.251 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 9000 => 10.9.2.21 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.9.2.21 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 10.10.0.5 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 10.10.0.6 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 9000 => 10.15.0.5 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 10.16.0.6 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 10.19.0.5 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 10.19.76.97 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 10.46.0.7 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 10.64.204.27 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 10.68.86.109 9000
Sat May 16 12:06:27 2020 TCP 78.46.249.71 9000 => 10.69.28.151 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 10.69.56.81 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 10.87.3.21 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 10.128.0.2 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 10.128.0.3 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.128.0.5 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 10.140.0.9 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.140.0.9 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 10.140.11.26 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.140.11.26 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 10.146.0.11 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 10.148.0.13 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 10.148.0.13 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 10.164.0.15 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 10.164.0.16 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 10.240.0.13 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.240.0.19 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 10.255.128.18 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 46490 => 172.17.0.1 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 46492 => 172.17.0.1 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 46494 => 172.17.0.1 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 46496 => 172.17.0.1 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 46492 => 172.17.0.1 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 46498 => 172.17.0.1 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 46498 => 172.17.0.1 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 46498 => 172.17.0.1 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.17.0.1 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.17.0.2 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.20.0.1 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.20.0.1 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.20.0.1 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.21.0.1 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.21.0.1 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.21.0.1 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.25.93.225 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.25.95.64 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.25.95.64 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.25.95.64 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.25.95.178 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.25.95.178 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 9000 => 172.31.0.26 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.31.0.26 9000
Sat May 16 12:06:27 2020 TCP 78.46.249.71 9000 => 172.31.2.7 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.2.37 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.2.163 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 172.31.2.250 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.2.250 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.3.13 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.3.47 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 172.31.3.125 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.3.125 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.3.184 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 172.31.3.186 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.3.186 9000
Sat May 16 12:06:27 2020 TCP 78.46.249.71 9000 => 172.31.3.186 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.4.19 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.4.68 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.4.74 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.4.74 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.5.41 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.5.162 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 172.31.5.180 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.5.219 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.6.222 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.6.222 9000
Sat May 16 12:06:27 2020 TCP 78.46.249.71 9000 => 172.31.8.58 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.8.217 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.8.217 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.9.147 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.10.205 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.10.211 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.12.141 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.12.141 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.12.250 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.13.21 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.14.41 9000
Sat May 16 12:06:27 2020 TCP 78.46.249.71 9000 => 172.31.14.41 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.15.103 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 172.31.15.170 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.15.170 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.15.191 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.15.244 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.16.144 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.17.52 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.17.158 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.20.139 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.24.92 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.24.246 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.26.22 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.26.22 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 9000 => 172.31.27.250 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.28.69 9000
Sat May 16 12:06:17 2020 TCP 78.46.249.71 9000 => 172.31.29.117 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.31.36 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.31.215 9000
Sat May 16 12:06:26 2020 TCP 78.46.249.71 9000 => 172.31.37.76 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.31.39.109 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.39.247 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.42.157 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.42.157 9000
Sat May 16 12:06:27 2020 TCP 78.46.249.71 9000 => 172.31.45.49 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.45.173 9000
Sat May 16 12:06:25 2020 TCP 78.46.249.71 9000 => 172.31.45.173 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.53.196 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.53.243 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.53.243 9000
Sat May 16 12:06:22 2020 TCP 78.46.249.71 9000 => 172.31.55.140 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.59.141 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.60.98 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.60.98 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 9000 => 172.31.60.128 9000
Sat May 16 12:06:21 2020 TCP 78.46.249.71 9000 => 172.31.60.128 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.61.150 9000
Sat May 16 12:06:19 2020 TCP 78.46.249.71 9000 => 172.31.61.150 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.61.176 9000
Sat May 16 12:06:20 2020 TCP 78.46.249.71 9000 => 172.31.83.213 9000
Sat May 16 12:06:18 2020 TCP 78.46.249.71 9000 => 172.31.85.199 9000
Sat May 16 12:06:23 2020 TCP 78.46.249.71 9000 => 172.31.87.243 9000
Sat May 16 12:06:24 2020 TCP 78.46.249.71 9000 => 172.31.90.207 9000

@mindstyle85
Copy link

please make sure that packages with private subnets as destination do not leave your external interface as those addresses are not allowed to be routed on the Internet. Here is a brief list of all private sub nets:

-----------------%<-----------------

https://tools.ietf.org/html/rfc1918

https://tools.ietf.org/html/rfc6598

https://tools.ietf.org/html/rfc3927

-----------------%<-----------------

10.0.0.0/8

172.16.0.0/12

192.168.0.0/16

100.64.0.0/10

169.254.0.0/16

-----------------%<-----------------

the providers seem to get fed up slowly with these netscans, they happen only on restarts it seems and theyre random

@mindstyle85
Copy link

the netscan happens upon node.sh restart, manual or before via OOB. It then scans a bunch of private subnets as seen above. It does not happen everytime a node is restarted though.

currently only hetzner seem to track this closely enough, but if they can see it then other providers might too and start closing down people's instances. I would advise a quick resolve of this one.

I quickly glanced at node.sh and i actually dont see much that could cause it there, so there is a possibility this derives from any other file, lib, or harmony binary?

@nyetwurk
Copy link
Contributor

This is likely another node runner's node.sh not picking up the public IP correctly via
PUB_IP=$(dig -4 @resolver1.opendns.com ANY myip.opendns.com +short)
then deciding to advertise a private IP as its public IP.

On my own personal (not work) machines I firewall all RFC 1918 traffic.

I can't do that on our nodes since they actually are NATed and those IPs are valid.

This is really really rude on node operator's part because they're advertising IPs that could actually be valid but are pointing to a different machine.

@mindstyle85 mindstyle85 removed the enhancement New feature or request label May 21, 2020
@LeoHChen LeoHChen closed this as completed Dec 9, 2020
@lcgogo lcgogo mentioned this issue Jun 18, 2021
Closed
@AustinHDev
Copy link

Also got hit from Hetzner for this exact issue. Would love to see a fix deployed soon.

@AustinHDev
Copy link

Is there an update on this issue? @sophoah

@immunity20
Copy link

Any update?

@acryptosx
Copy link

fyi, this has been addressed: 947c6ef

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rlan35 rlan35

@LeoHChen LeoHChen

@jz0000 jz0000

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@rlan35 @nyetwurk @LeoHChen @jhd2best @immunity20 @sophoah @mindstyle85 @jz0000 @acryptosx @AustinHDev